On Tue, 1 Feb 2005, Mark Crispin wrote: >On Tue, 1 Feb 2005, Vadim Zeitlin wrote: >> In theory I totally agree but in practice there is this broken server >> which doesn't support any other way to login except by using USER but still >> doesn't advertise it. It's clearly is a bug in server implementation and >> using USER is the only way to work around it. > >The server may not be broken. > >They may have an administrative policy that clients should use the SSL >POP3 service (port 995) instead of unencrypted POP3 port 110; but for the >benefit of old pre-SSL clients (which also would not use CAPA) it allows >the USER/PASS commands.
I have come across at least two pop servers that don't advertise USER and yet don't use SSL-POP3 nor any other authentication schemes. Both of them are at rather large ISPs (here in Japan.) As the chance of getting their sys. adm. to change their behavior is less than zero, I had to patch my c-client-based stuff. Nonetheless, the c-client distrubtion should NOT be changed in order to serve mis-configured servers. It is the responsibility of c-client users, like myself to make the relevant changes. And yes, the banner offered by my patched ipopd clearly shows that it has been patched:) -- N. -- ------------------------------------------------------------------ For information about this mailing list, and its archives, see: http://www.washington.edu/imap/c-client-list.html ------------------------------------------------------------------
